
fix: harden IP and bound in-memory rate limiters (#1435) #1685

Open
ionfwsrijan wants to merge 13 commits into Priyanshu-byte-coder:main from ionfwsrijan:fix/issue-1435-rate-limit-ttl-eviction

Conversation

@ionfwsrijan
Contributor

Summary

Hardens IP-based rate limiting to prevent unbounded memory growth by adding TTL eviction and bounding in-memory limiter storage.

Closes #1435


Type of Change

  • Bug fix
  • New feature
  • Documentation update
  • Refactor / code cleanup

Changes Made

  • Added a reusable rate limiting utility with TTL eviction and bounded key storage.
  • Applied the hardened limiter to affected code paths.
  • Added regression tests for limiter behavior (src/lib/rate-limit.test.ts).

How to Test

  1. Run .\node_modules\.bin\vitest.cmd run

Screenshots (if UI change)

N/A


Checklist

  • Linked issue in summary
  • npm run lint passes locally
  • No TypeScript errors (npm run type-check)
  • Self-reviewed the diff
  • Added/updated tests if applicable

Accessibility Checklist

  • Proper keyboard navigation tested
  • Responsive UI verified
  • Accessibility labels added where needed

Additional Notes

No UI changes; focused on server-side rate limiter correctness and safety.
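
Added example (not code from this PR or the project): one way a fixed-window limiter can combine TTL eviction with a hard cap on tracked keys, so that a flood of distinct client IPs cannot grow the map without bound. The class name, its parameters and the evict-oldest policy are assumptions made for illustration.

```typescript
// Added example, not the PR's code; all names here are hypothetical.
type Entry = { count: number; resetAt: number };

class BoundedRateLimiter {
  private readonly entries = new Map<string, Entry>();
  private readonly limit: number;    // allowed requests per window
  private readonly windowMs: number; // window length, also the entry TTL
  private readonly maxKeys: number;  // hard cap on tracked keys

  constructor(limit: number, windowMs: number, maxKeys: number) {
    this.limit = limit;
    this.windowMs = windowMs;
    this.maxKeys = maxKeys;
  }

  get size(): number {
    return this.entries.size;
  }

  // Returns true when the request is allowed. `now` is injectable for tests.
  check(key: string, now: number = Date.now()): boolean {
    const existing = this.entries.get(key);
    if (existing && existing.resetAt > now) {
      existing.count += 1;
      return existing.count <= this.limit;
    }
    // New or expired key: start a fresh window at the tail of the Map, so
    // insertion order matches expiry order (every entry has the same TTL).
    this.entries.delete(key);
    if (this.entries.size >= this.maxKeys) this.evict(now);
    this.entries.set(key, { count: 1, resetAt: now + this.windowMs });
    return this.limit >= 1;
  }

  // Walk from the oldest entry: drop everything expired, then drop live
  // entries only while the map is still at its cap.
  private evict(now: number): void {
    for (const [k, e] of this.entries) {
      if (e.resetAt > now && this.entries.size < this.maxKeys) break;
      this.entries.delete(k);
    }
  }
}
```

Evicting a live entry resets that key's count, so `maxKeys` should sit well above the expected number of concurrent clients.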

@vercel

vercel Bot commented May 30, 2026

@ionfwsrijan is attempting to deploy a commit to the PRIYANSHU DOSHI's projects Team on Vercel.

A member of the Team first needs to authorize it.

@github-actions github-actions Bot added gssoc26 GSSoC 2026 contribution type:bug GSSoC type bonus: bug fix type:testing GSSoC type bonus: tests (+10 pts) labels May 30, 2026
@github-actions

GSSoC Label Checklist 🏷️

@Priyanshu-byte-coder — please apply the appropriate labels before merging:

Difficulty (pick one):

  • level:beginner — 20 pts
  • level:intermediate — 35 pts
  • level:advanced — 55 pts
  • level:critical — 80 pts

Quality (optional):

  • quality:clean — ×1.2 multiplier
  • quality:exceptional — ×1.5 multiplier

Validation (required to score):

  • gssoc:approved — counts for points
  • gssoc:invalid / gssoc:spam / gssoc:ai-slop — does not score

Type labels (type:*) are auto-detected from files and title. Review and adjust if needed.
Points formula: (difficulty × quality_multiplier) + type_bonus

@Priyanshu-byte-coder Priyanshu-byte-coder added gssoc:approved GSSoC: PR approved for scoring level2 GSSoC Level 2 - Medium complexity (25 points) labels May 31, 2026
@Priyanshu-byte-coder
Owner

This PR has merge conflicts with main. Please rebase your branch against the latest main and force-push to resolve. Run: git fetch upstream && git rebase upstream/main

@ionfwsrijan ionfwsrijan force-pushed the fix/issue-1435-rate-limit-ttl-eviction branch from 081eaa2 to 1a14c66 Compare May 31, 2026 05:39
@ionfwsrijan ionfwsrijan force-pushed the fix/issue-1435-rate-limit-ttl-eviction branch from 02bb058 to a9d8707 Compare May 31, 2026 07:28
@ionfwsrijan
Contributor Author

@Priyanshu-byte-coder You may review and merge

@Priyanshu-byte-coder
Owner

This PR has developed merge conflicts after recent merges to main. Please rebase onto the latest main branch, resolve all conflicts, and force-push. Once the PR is conflict-free it will be reviewed for merging.

@ionfwsrijan
Contributor Author

@Priyanshu-byte-coder You may review and merge this now


Labels

gssoc:approved GSSoC: PR approved for scoring gssoc26 GSSoC 2026 contribution level2 GSSoC Level 2 - Medium complexity (25 points) type:bug GSSoC type bonus: bug fix type:testing GSSoC type bonus: tests (+10 pts)


2 participants